<?php

include_once '../config.php';

$login = $_REQUEST['login'];
$pw    = $_REQUEST['passwort'];

$sql = "SELECT * FROM user WHERE "
     . "(login like '" . $login . "') AND (password = '"
     . sha1(strtoupper($login) . ":" . $pw) . "')";

$result = mysql_query ($sql);

if (mysql_num_rows($result) > 0) {
    $data = mysql_fetch_array($result);
    
    $g_id       = $data['user_id'];
    $g_user     = $data['login'];
    $g_password = $data['password'];
    $g_vname    = $data['vorname'];
    $g_name     = $data['name'];
    $g_time = time() + 2678400;
    
    setcookie('ID', $g_id, $g_time, '/');
    setcookie('USER', $g_user, $g_time, '/');
    setcookie('PW', $g_password, $g_time, '/');
    setcookie('VNAME', $g_vname, $g_time, '/');
    setcookie('NNAME', $g_name, $g_time, '/');
    
    $loginIsValid = true;
} else {
    $loginIsValid = false;
}

if ($loginIsValid) {
    setcookie('LOG','true',$g_time,'/');
    $ip       = getenv ("REMOTE_ADDR");
    $time_log = date('Y-m-d H:i:s');
        
    $sql = "UPDATE user SET last_login = '" . $time_log . "', last_ip = '" . $ip . "' WHERE user_id = " . $g_id;
    mysql_query($sql);
    
    echo '
            <div>
                <div class="toolbar">
                    <h1>Erfolgreich</h1>
                </div>
                <div class="info">
                    Hallo ' . $g_vname . ' ' . $g_name . '. Sie sind nun eingeloggt!
                </div>
         '; 
        
?>
                <ul class="rounded">
                    <a href="javascript:window.location = './index2.php'" rel="external" class="greenButton submit">Zum Hauptmenü</a>
                </ul>		
<?php
    echo '
            </div>
         ';
 } else {
     echo '
            <div>
                <div class="toolbar">
                    <h1>Fehler</h1>
                </div>
                <div class="info">
                    Passwort oder Benutzername wurden falsch eingegeben!
                </div>
                <ul class="rounded">
                    <a href="#" class="redButton goback">Noch einmal</a>
                </ul>
            </div>
	';
 }
 
 ?>

